Emq X broker taking more time to connect

[keerthi...@gmail.com]

Hi

I installed Emq X  broker on cluster  and added nginx rule to access Emq x from outside .  I used javascript client to connect to Emq x broker .But  80% of time connection to Emq x not happening first time .After 2 or 3 attempts only successful connection happening .  I attached  javascript code ,console logs , nginx rule and emqx configuration for 8083. ,8084 .Please help me to resolve the problem . This connection issue is causing so much delay in using application .

Javascript Client Code ::

<script src="https://unpkg.com/mqtt/dist/mqtt.min.js"></script>

<script>

const WebSocket_URL = 'wss://XXX.com/mqtt'

const options = {

// Authentication

clientId: 'emqx_100123400_568bg',

username : 'username',

password: 'password'

//clean: true,

}

console.log("Call connection initalized " , new Date());

const client = mqtt.connect(WebSocket_URL, options)

// after connect

client.on('connect', () => {

console.log('Connected to', WebSocket_URL , new Date())

console.log(new Date())

client.subscribe('hello', (err) => {

console.log(err || 'Subscribe Success')

})

client.publish('hello', 'Hello EMQ X', (err) => {

console.log(err || 'Publish Success')

})

})

// handle message event

client.on('message', (topic, message) => {

console.log('Received form', topic, ':', message.toString())

// disconnect

//client.end()

})

</script>

Console Logs ::

Below is the nginx rule ::

upstream hive_mq {

    server XXX1:8083; #node1

    server XXX2:8083; #node2

    server XXX3:8083; #node3

}

server {

    listen *:443 ssl;

    server_name XXX.com;

        server_tokens off;

    add_header X-Frame-Options "SAMEORIGIN";

    add_header X-Content-Type-Options nosniff;

    add_header X-XSS-Protection "1; mode=block";

    #ssl on;

    ssl_certificate      /etc/nginx/ssl/public.crt;

    ssl_certificate_key  /etc/nginx/ssl/private.rsa;

   keepalive_timeout 3m;

   ssl_session_timeout 5m;

   ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

   ssl_prefer_server_ciphers   on;

   ssl_session_cache shared:SSL:50m;

   ssl_stapling on;

   ssl_stapling_verify on;

   add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";

       location /mqtt {

                proxy_pass http://hive_mq/mqtt;

                proxy_set_header X-Real-IP $remote_addr;

                proxy_set_header Host $host;

                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

                proxy_http_version 1.1;

                proxy_set_header Upgrade $http_upgrade;

                proxy_set_header Connection "upgrade";

                proxy_read_timeout 86400;

                proxy_connect_timeout 86400;

                # Path rewriting

                proxy_redirect off;

        }

}

Below are the details of emqx.conf  for port 8083::

## Examples: 8083, 127.0.0.1:8083, ::1:8083

listener.ws.external = 8083

listener.ws.external.mqtt_path = /mqtt

listener.ws.external.acceptors = 4

listener.ws.external.max_connections = 102400

listener.ws.external.max_conn_rate = 1000

listener.ws.external.active_n = 100

listener.ws.external.zone = external

listener.ws.external.access.1 = allow all

listener.ws.external.verify_protocol_header = on

listener.ws.external.backlog = 1024

listener.ws.external.send_timeout = 15s

listener.ws.external.send_timeout_close = on

listener.ws.external.nodelay = true

## Examples: 8084, 127.0.0.1:8084, ::1:8084

listener.wss.external = 8084

listener.wss.external.mqtt_path = /mqtt

listener.wss.external.acceptors = 4

listener.wss.external.max_connections = 16

listener.wss.external.max_conn_rate = 1000

listener.wss.external.active_n = 100

listener.wss.external.zone = external

listener.wss.external.access.1 = allow all

listener.wss.external.verify_protocol_header = on

listener.wss.external.proxy_address_header = X-Forwarded-For

listener.wss.external.proxy_port_header = X-Forwarded-Port

listener.wss.external.proxy_protocol = on

listener.wss.external.tls_versions = tlsv1.2,tlsv1.1,tlsv1

listener.wss.external.keyfile = /etc/nginx/ssl/private.rsa

listener.wss.external.certfile = /etc/nginx/ssl/public.crt

listener.wss.external.cacertfile = /etc/emqx/certs/cacert.pem

listener.wss.external.verify = verify_none

listener.wss.external.fail_if_no_peer_cert = false

listener.wss.external.ciphers = ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-ECDSA-DES-CBC3-SHA,ECDH-ECDSA-AES256-GCM-SHA384,ECDH-RSA-AES256-GCM-SHA384,ECDH-ECDSA-AES256-SHA384,ECDH-RSA-AES256-SHA384,DHE-DSS-AES256-GCM-SHA384,DHE-DSS-AES256-SHA256,AES256-GCM-SHA384,AES256-SHA256,ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-ECDSA-AES128-SHA256,ECDHE-RSA-AES128-SHA256,ECDH-ECDSA-AES128-GCM-SHA256,ECDH-RSA-AES128-GCM-SHA256,ECDH-ECDSA-AES128-SHA256,ECDH-RSA-AES128-SHA256,DHE-DSS-AES128-GCM-SHA256,DHE-DSS-AES128-SHA256,AES128-GCM-SHA256,AES128-SHA256,ECDHE-ECDSA-AES256-SHA,ECDHE-RSA-AES256-SHA,DHE-DSS-AES256-SHA,ECDH-ECDSA-AES256-SHA,ECDH-RSA-AES256-SHA,AES256-SHA,ECDHE-ECDSA-AES128-SHA,ECDHE-RSA-AES128-SHA,DHE-DSS-AES128-SHA,ECDH-ECDSA-AES128-SHA,ECDH-RSA-AES128-SHA,AES128-SHA

listener.wss.external.backlog = 1024

listener.wss.external.send_timeout = 15s

listener.wss.external.send_timeout_close = on